Configuring Active Directory Users

If your company uses the Microsoft Active Directory software, you can configure the software to provide access to CMC, allowing you to add and control CMC user privileges to your existing users in your directory service. This is a licensed feature.

NOTE: On the following Operating Systems, you can recognize the users of CMC users by using Active Directory.

Microsoft Windows 2000

Microsoft Windows Server 2003

Microsoft Windows Server 2008

You can configure user authentication through Active Directory to log in to the CMC. You can also provide role-based authority, which enables an administrator to configure specific privileges for each user.

Supported Active Directory Authentication Mechanisms

You can use Active Directory to define CMC user access using two methods:

Standard schema solution that uses Microsoft’s default Active Directory group objects only.

Extended schema solution that has customized Active Directory objects provided by Dell. All the access control objects are maintained in Active Directory. It provides maximum flexibility to configure user access on different CMCs with varying privilege levels.

Standard Schema Active Directory Overview

As shown in the following figure, using standard schema for Active Directory integration requires configuration on both Active Directory and CMC.

In Active Directory, a standard group object is used as a role group. A user who has CMC access is a member of the role group. To give this user access to a specific CMC card, the role group name and its domain name need to be configured on the specific CMC card. The role and the privilege level is defined on each CMC card and not in the Active Directory. You can configure up to five role groups in each CMC. The following table shows the default role group privileges.

Table 14. : Default Role Group Privileges

Role Group

Default Privilege Level

Permissions Granted

Bit Mask

 

 

 

 

 

1

None

CMC Login User

0x00000fff

 

 

Chassis

 

 

 

 

Configuration

 

 

 

 

Administrator

 

 

 

User Configuration

 

 

 

 

Administrator

 

 

 

Clear Logs

 

 

 

 

Administrator

 

 

 

Chassis Control

 

 

 

 

Administrator (Power

 

 

 

 

Commands)

 

 

 

Server Administrator

 

126

Page 126
Image 126
Dell 2 manual Configuring Active Directory Users, Supported Active Directory Authentication Mechanisms